Governments globally need to focus on the unintended consequences of across the board attempts to deal with deficit spending. Saving pennies is important, but we need to make certain those savings do...

Earlier this week, a new vulnerability was discovered, potentially afflicting up to 950 million Android devices. This accounts for nearly all of active Android users. And what’s more shocking, it all...

While the latest news on the federal government’s cybersecurity posture zeroes in on data breaches, protecting the critical infrastructure that government and the private sector rely on is an equally...

Taking the Lead in Securing Critical Infrastructure

Dridex Best Practices

Instagram Direct: Your Private Messages to Marketers

A picture may really be worth a thousand words when it comes to how we communicate and consume media on mobile devices today. Photo and video messaging has taken over as the next big trend, with U.S. mobile phone users now sending 8% fewer text messages than they did last year. In light of the growing popularity of this communications trend, existing mobile messaging services are attempting to capitalize on this preference for photos as well as compete with newcomers like Snapchat, through private messaging and sharing features.

Enter Instagram Direct, the most recent and talked about update to the largely popular Instagram app, which allows you to upload, share, comment, and like pictures and videos with specific users—off the public feed. After selecting a photo or video to upload, you now have the option to share either publicly under “Followers” or privately under “Direct.” Just as with posting publicly to your followers, with Instagram Direct you can attach a message or caption to each image or video. But unlike sharing on the public feed, with Instagram Direct, you select a specific group of people with whom you wish to share (presently, anywhere from 1-15 followers). Only those to whom the image or video is directed can view it. They can either comment directly below the post, or reply with their own image/video message to you or all of those on the thread. Once the photo or video has been sent, you can see who has viewed the media and continue conversations in Instagram Direct, which is accessible at the top right of the Instagram mobile app home screen. Previously, unless you had your Instagram account set to Private, any media posted was automatically viewable to anyone who follows you.

While many Instagram users will celebrate this update, communicating via private message versus a public post may not be that much more confidential. Instagram has emphasized the intimacy and privacy aspects of Instagram Direct by pointing out that only people you follow will be able to send you pictures and videos without prior authorization—which can include brands on Instagram.

This direct messaging option could also be used to get more of your information into the hands of marketers and retailers. Most mobile apps and social networking channels generate revenue from two main sources—advertising and data mining. While seemingly innocuous, the information revealed in mobile communications can tell companies who your friends are, where your photos were taken in real-time, and much more. The addition of Instagram Direct gives Instagram itself, Facebook, and other third parties access to data that is even more personal than what was previously shared publicly. According to Instagram’s privacy policy under Facebook, information like cookies, log files, and location data can be shared with certain affiliate companies, service providers as well as advertisers.

The time stamps and geo-location tags attached to images taken on a mobile device could potentially be used by marketers to send more targeted, timely and possibly intrusive offers to unsuspecting users. Mobile location data can be a veritable gold mine in the right hands, but may not be something users would be so willing to share if they knew how it was going to be used. Aside from location-based features for navigation and travel, an increasing number of social media users are setting social network accounts like Instagram, Facebook, and Twitter to include location tagging in their posts and comments.

Considering that the information shared via Instagram Direct could be even more personal in nature, this “we see it, we share it” take on user data is worrisome. Online Google searches are already being used for advertising targeting and retargeting, so imagine how much more directed ads could be when used in tandem with location information and time stamps.

Personalization versus privacy has become a huge debate, and so far, there is no real resolution on the horizon. Companies like Facebook will continue to capitalize on the popularity of social sharing, so it’s up to the users to control how much information is available. Below are some tips to help your personal messages, photos, and videos stay private when using social media and messaging services like Instagram Direct.

Disable location sharing on all social networks.The Pew Research Center stated that 30% of all social media users (mobile and online) have location tagging set to default on at least one of their social networks (e.g. Twitter). Location sharing should be considered on a case-by-case basis. You don’t want to “over share” when it comes to your location, especially considering how it could be used when tied in with the “personal” information you have posted about yourself on social media channels.

Control which of your apps use location tagging.Most mobile devices let you enable overall location services in the general Settings. On both iOS and Android devices, you can set the location-tagging permissions for each app—individually, or disable them completely.

On Apple mobile devices (iOS 7 through iOS 4) go to Settings > Privacy > Location Services. From this menu, you can select to enable device-wide location tagging as well as determine the permissions for individual apps.

Beware what you share. Images can come back to haunt you on the Internet, whether you set them to private or not. Once your data is out, it can never be retrieved, so think carefully before posting on social channels.

To keep up with the latest security threats, make sure to follow @McAfeeConsumer on Twitter and like us on Facebook.